Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs ThreatLocker Zero Trust Endpoint Protection Platform comparison

Palo Alto Networks and ThreatLocker are both solutions in the Endpoint Protection Platform (EPP) category. Palo Alto Networks is ranked #4 with an average rating of 8.6, while ThreatLocker is ranked #11 with an average rating of 8.9. Palo Alto Networks holds a 4.1% mindshare in EPP, compared to ThreatLocker’s 0.7% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 92% of ThreatLocker users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 89 Cortex XDR by Palo Alto Networks reviews
  • 17,571 Views
  • 10,266 Comparison Views
95% willing to recommend
ThreatLocker Zero Trust End...
Read 18 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 2,452 Views
  • 1,666 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 19, 2024

Cortex XDR by Palo Alto Networks and ThreatLocker Zero Trust Endpoint Protection Platform compete in the endpoint security category. Cortex XDR has a more comprehensive integration with security infrastructure and advanced threat detection capabilities, giving it an edge in security offerings.

Features: Cortex XDR provides advanced threat detection, WildFire AI for improved security insights, and behavior-based detection capabilities. It also seamlessly integrates with Palo Alto products for enhanced security coverage. ThreatLocker focuses on zero-trust principles, offering application control, ring-fencing, and allowlisting. It also features a learning mode to create secure baselines for applications, providing a robust security environment.

Room for Improvement: Cortex XDR could improve in areas such as reporting, configuration flexibility, and false positive reduction. It also needs better integration with its own products and improved mobile integration. ThreatLocker could enhance its user interface, ease of learning for new users, and integration with PSA systems to improve deployment and policy management experiences.

Ease of Deployment and Customer Service: Cortex XDR is flexible for various cloud deployments but faces criticism for complex setups. Customer service feedback varies from poor to excellent, depending on the support team encountered. ThreatLocker supports on-premises and hybrid deployments with positive customer service feedback, though it could offer more flexibility in training options for users.

Pricing and ROI: Cortex XDR is seen as expensive, especially outside the US, but offers good value due to its robust security features. It provides pricing flexibility through adjustable licenses. ThreatLocker is viewed as reasonably priced, offering a fair model for scalable deployments. Its comprehensive coverage provides a good ROI, enhancing security efficiency and client service.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. ThreatLocker Zero Trust Endpoint Protection Platform Report (Updated: January 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. ThreatLocker Zero Trust Endpoint Protection Platform
January 2025
Download the complete report
Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.6
Organizations see reduced incidents, cost savings, and improved security with Cortex XDR, enhancing compliance and user satisfaction.
Sentiment score
8.2
ThreatLocker enhances security and productivity with real-time protection, leading to revenue growth and improved efficiency in one year.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
The measurable benefits of using ThreatLocker include ensuring real-time protection of organizational resources and maintaining user authentication and protection levels to reduce risks.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
 

Customer Service

Sentiment score
6.5
Cortex XDR's customer service is mixed, praised for efficiency but criticized for slow response and high costs in some areas.
Sentiment score
8.4
ThreatLocker Zero Trust Endpoint Protection offers highly-rated, efficient customer service, with rapid response times and knowledgeable support, achieving user satisfaction.
Every vendor has similar support; it depends on how the case is handled and raised.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
ThreatLocker's technical support process could be streamlined by reducing the number of steps required to reach a human agent.
It could be better, especially with response times.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
EC
reviewer2594715 - PeerSpot reviewerMusah Ibrahim - PeerSpot reviewer
 

Scalability Issues

Sentiment score
7.6
Cortex XDR excels in scalability, supporting diverse organizations with seamless cloud management and efficient deployment across various environments.
Sentiment score
8.3
ThreatLocker efficiently scales for all business sizes, seamlessly managing thousands of endpoints without issues, supporting diverse infrastructures.
 

Stability Issues

Sentiment score
8.1
Cortex XDR is stable and reliable, with improved performance over time, despite occasional database challenges and false alerts.
Sentiment score
6.8
ThreatLocker offers stable endpoint protection, with minimal issues that are quickly resolved, enhancing reliability and performance for users.
Cortex XDR is stable, offering high quality and reliable performance.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
Stability can be improved as there are times it goes down or requires management to adjust policies.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
 

Room For Improvement

Cortex XDR requires enhancements in customization, integration, efficiency, threat detection, pricing, and support to address enterprise challenges.
ThreatLocker could enhance its platform with flexible training, user interface improvements, better integrations, and more comprehensive support.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
This is problematic when immediate attention is needed.
Comprehensive 24-hour log monitoring is a valuable enhancement for both business and enterprise-level users.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
EC
Musah Ibrahim - PeerSpot reviewerreviewer2594715 - PeerSpot reviewer
 

Setup Cost

Cortex XDR pricing is viewed as flexible by some, but others find it expensive, varying by usage and features.
Enterprise users value ThreatLocker's cost-effective Zero Trust Platform for its comprehensive features, excellent support, and customizable tiered pricing.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
The pricing is reasonable and normal.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
 

Valuable Features

Cortex XDR offers advanced endpoint security, integration, AI threat analytics, user-friendly interface, scalability, and low resource consumption.
ThreatLocker offers mobile access, zero trust protection, granular control, and support, enhancing security and reducing management costs.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
ThreatLocker's most valuable feature is its scanning capability, which executes all types of executable files.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Ransomware Protection
2nd
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
89
Ranking in other categories
Extended Detection and Response (XDR) (7th), AI-Powered Cybersecurity Platforms (4th)
ThreatLocker Zero Trust End...
Ranking in Endpoint Protection Platform (EPP)
11th
Ranking in Ransomware Protection
5th
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
18
Ranking in other categories
Network Access Control (NAC) (5th), Advanced Threat Protection (ATP) (8th), Application Control (4th), ZTNA (8th)
 

Mindshare comparison

As of February 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.1%, down from 5.3% compared to the previous year. The mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 0.7%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Read full review
Musah Ibrahim - PeerSpot reviewer
Highly effective at controlling applications and securing our systems
As an architecture firm, we rely on TAISE’s Cybersecurity-as-a-Service (CaaS) to keep our systems safe from malware threats. TAISE introduced us to ThreatLocker, which has become essential in safeguarding our infrastructure by blocking unapproved applications and defending against unknown malware. Given our exposure to frequent malware, ThreatLocker, through TAISE's expert implementation, has proven invaluable ThreatLocker Protect is very simple and easy to understand. You do not need much technical knowledge to be able to use it. It is very good. Anybody with a bit of IT knowledge is able to handle it. Ringfencing adds an extra layer of defense. If an application is compromised, you can just exclude the computer and do your troubleshooting and find out what the problem was. It goes hand in hand with application whitelisting. It has been very helpful. It adds an extra security system which is very much needed for our infrastructure. ThreatLocker Protect has improved my organization greatly. Before using ThreatLocker Protect, we experienced a malware attack that caused significant damage, corrupting many of our files. Since implementing ThreatLocker Protect, we have not faced any such issues, and our operations have been smooth. We were able to realize its benefits immediately. No user can install any unknown applications or unauthorized applications on their own. I have been able to manage my systems effectively without any malware. ThreatLocker Protect has reduced our help desk tickets by about 40%, as every software they use is approved by me before use, limiting unauthorized installations. ThreatLocker Protect has freed up a lot of time. I do not have to do much with the help desk because our systems are protected with ThreatLocker Protect.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
838,713 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
9%
Government
8%
Manufacturing Company
7%
Computer Software Company
37%
Retailer
8%
Financial Services Firm
5%
Manufacturing Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
I handle the technical aspects, while my manager deals with pricing. Although the pricing seems good, there have been inconsistencies in contract negotiations. What we are told during calls sometim...
See all answers
What needs improvement with ThreatLocker Allowlisting?
ThreatLocker would benefit from incorporating an antivirus feature or comprehensive 24-hour log monitoring, a valuable enhancement for both business and enterprise-level users.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 13% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 7% of the time
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
Compared 7% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
Check Point Harmony Endpoint vs Cortex XDR by Palo Alto Networks Logo
Check Point Harmony Endpoint vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 29% of the time
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 20% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 20% of the time
Huntress Managed EDR vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Huntress Managed EDR vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
Microsoft Defender for Office 365 vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Office 365 vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 3% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
February 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
January 2025
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Protect, Allowlisting, Network Control, Ringfencing
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.

ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.

What are the top features of ThreatLocker?
  • Intuitive Interface: User-friendly design simplifies endpoint protection management.
  • Application Blocking: Prevents unauthorized applications from running.
  • Selective Elevation: Grants control over application permissions.
  • Ring-Fencing: Isolates applications to limit interactions.
  • Allowlisting: Ensures only trusted software can execute.
  • Learning Mode: Facilitates configuration by observing user behavior.
  • Real-Time Support: Access to assistance and training resources.
What benefits should reviewers seek?
  • Compliance: Meets regulatory standards.
  • Operational Cost Reduction: Consolidated alerts and approvals.
  • Enhanced Cybersecurity: Prevention of unauthorized applications.
  • Regulatory Alignment: Helps ensure adherence to legal requirements.

ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.

ThreatLocker
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. ThreatLocker Zero Trust Endpoint Protection Platform
January 2025
Free Report: Cortex XDR by Palo Alto Networks vs. ThreatLocker Zero Trust Endpoint Protection Platform
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. ThreatLocker Zero Trust Endpoint Protection Platform and other solutions. Updated: January 2025.
DOWNLOAD NOW
838,713 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. ThreatLocker Zero Trust Endpoint Protection Platform report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Ransomware Protection vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.